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The Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the application: 

Listing of Claims: 

1.-46. (cancelled) 

47. (previously presented): 

A method for secure in-band management of a network device that provides routing and 
forwarding services, the method comprising: 

transferring data between core data links and customer data links where the customer data 
links including Virtual Private Network (VPN) data links and non-VPN data links; 

dedicating one of the VPN data links to the transfer of management commands; 

linking the dedicated VPN data link to a source of management commands; 

using the VPN to transfer management commands from the source of the management 
commands to the network device; and 

transferring management commands between the dedicated VPN data link and a router 
configuration management module. 

48. (previously presented): 

The method of claim 47 wherein transferring management commands between the dedicated 
VPN data link and a router configuration management module includes transferring 
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management commands through a management port of the router configuration management 

module. 

49. (previously presented): 

The method of claim 47 wherein the network device is one of a network switch, a network 
bridge, a network hub, and a network gateway. 

50. (previously presented): 

The method of claim 47 wherein the network device can perform one of Internet Protocol (IP) 
services, Multiprotocol Label Switching (MPLS) services, and Asynchronous Transfer Mode 
(ATM) services. 

5 1 . (previously presented) : 

The method of claim 47 wherein the source of the management commands is one of a 
management device and a management function. 

52. (previously presented): 

A network device that provides routing and forwarding services, the network device 
comprising: 

a routing and forwarding module to transfer data between core data links and customer 
data links in accordance with source and destination information contained in the data, 
the customer data links including Virtual Private Network (VPN) data links and non-VPN 
data links; 
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a router configuration management module to perform management operations for the 

network device according to received management traffic; and 

a management VPN module coupled to the routing and forwarding module, to one of the 
VPN data links, and to the management VPN module, the management VPN module to 
transfer management traffic between the router configuration management module and 
the one of the VPN data links. 

a management port coupled to the router configuration module to receive the non- VPN 
management commands for the router configuration module; and 

53. (previously presented): 

The network device of claim 52 wherein the network device is one of a network switch, a 
network bridge, a network hub, and a network gateway. 

54. (previously presented): 

The network device of claim 52 wherein the network device can perform one of Internet 
Protocol (IP) services, Multiprotocol Label Switching (MPLS) services, and Asynchronous 
Transfer Mode (ATM) services. 

55. (previously presented): 

The network device of claim 52 wherein the source of the management commands is one of a 
management device and a management function. 
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56. (previously presented): 

A network device that provides routing and forwarding services, the network device 
comprising: 

means for transferring data between core data links and customer data links where the 
customer data links including Virtual Private Network (VPN) data links and non-VPN 
data links; 

means for dedicating one of the VPN data links to the transfer of management traffic; 

means for linking the dedicated VPN data link to a source of management commands; 

means for using the VPN to transfer management commands from the source of the 
management commands to the network device; and 

means for transferring management commands between the dedicated VPN data link and 
a router configuration management module. 

57. (previously presented): 

The network device of claim 56 wherein the means for transferring management commands 
between the dedicated VPN data link and a router configuration management module 
includes means for transferring management commands through a management port of the 
router configuration management module. 

58. (previously presented): 

The network device of claim 56 wherein the network device is one of a network switch, a 
network bridge, a network hub, and a network gateway. 
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59. (previously presented): 

The network device of claim 56 wherein the network device can perform one of Internet 
Protocol (IP) services, Multiprotocol Label Switching (MPLS) services, and Asynchronous 
Transfer Mode (ATM) services. 

60. (previously presented): 

The network device of claim 56 wherein the source of the management commands is one of a 
management device and a management function. 

61. (currently amended): 

A machine-readable storage medium providing instructions, which if when executed by a 
processor, cause the processor to perform an operation comprising: 

transferring data between core data links and customer data links where the customer data 
links including Virtual Private Network (VPN) data links and non-VPN data links; 

dedicating one of the VPN data links to the transfer of management commands; 

linking the dedicated VPN data link to a source of management commands; 

using the VPN to transfer management commands from the source of the management 
commands to the network device; and 

transferring management commands between the dedicated VPN data link and a router 
configuration management module. 
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62. (currently amended): 

The machine-readable storage medium of claim 61 wherein transferring management 
commands between the dedicated VPN data link and a router configuration management 
module includes transferring management commands through a management port of the 
router configuration management module. 

63. (currently amended): 

The machine-readable storage medium of claim 61 wherein the network device is one of a 
network switch, a network bridge, a network hub, and a network gateway. 

64. (currently amended): 

The machine-readable storage medium of claim 61, further providing instructions, which if 
executed by the processor, further cause the processor to perform an operation comprising 
one of performing Internet Protocol (IP) services, performing Multiprotocol Label Switching 
(MPLS) services, and performing Asynchronous Transfer Mode (ATM) services. 

65. (currently amended): 

The machine-readable storage medium of claim 61 wherein the source of the management 
commands is one of a management device and a management function. 

66. (previously presented): 

A data network comprising: 

a plurality of network devices that provide routing and forwarding services for the data 
network including transferring data between core data links and customer data links, the 
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customer data links including Virtual Private Network (VPN) data links and non-VPN 

data links, wherein each of the plurality of network devices includes: 

a routing and forwarding module to transfer data between core data links and 
customer data links in accordance with source and destination information contained 
in the data; 

a router configuration management module to perform management operations for the 
network device according to received management traffic; and 

a management VPN module coupled to the routing and forwarding module, to one of 
the VPN data links, and to the management VPN module, the management VPN 
module to transfer management traffic between the router configuration management 
module and the one of the VPN data links. 

67. (previously presented): 

The data network of claim 66 wherein each of the plurality of network devices is one of a 
network switch, a network bridge, a network hub, and a network gateway. 

68. (previously presented): 

The data network of claim 66 wherein the plurality of network devices can perform one of 
Internet Protocol (IP) services, Multiprotocol Label Switching (MPLS) services, and 
Asynchronous Transfer Mode (ATM) services. 
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69. (previously presented): 



The data network of claim 66 wherein the source of the management commands is one of a 
management device and a management function. 
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